Security/Sandbox/2014-09-11

« previous week | index | next week »

11 September 2014

Standup/status

• Windows sandboxing
  • GMP/OpenH264/EME
    • Bug 1027906 - Requested approval to uplift to beta
    • Working with people to get their [thanks Jed ;)] EME plugin working
• Content
  • Bug 1018966 - Warn only sandbox - landed. Might need to follow-up with a bug to reduce some of the noise.
  • Bug 1018988 - Low Integrity Temp directory - landed. Going to follow-up with a bug to deal with cleaning up after a crash.
  • Patches to add a --content-sandbox flag to mach for mochitests. (no bug yet).
  • Started looking at log parser to track number of sandbox violations. (no bug yet).
• Linux/B2G
  • Fallout from library separation seems to be fixed?
  • Tests aren't creating/deleting files directly anymore (at least via nsLocalFile).
  • Still unclear about the fate of jar URLs...
    • (This is actually platform-independent, but it's blocking things on Linux.)
  • Ongoing: migrating to the rest of Chromium's seccomp compiler/userland
• Mac sandboxing
  • André working on chrome process sandboxing: bug 387248

Round table

• Directory Service changeable via privileged JS.
• Conclusion seemed to be that this is not something that should worry us.
• I'm not aware of any sec review that GMP sandboxing has received. Do we want sec review for that? Or maybe sec review of GMP would cover that
• GMP tests: https://bugzilla.mozilla.org/show_bug.cgi?id=1054621
• Q4 Goals
• EME on all platforms
• content sandbox on all platforms
• Prereq: plugin launch changes from https://bugzilla.mozilla.org/show_bug.cgi?id=641685
• do not need to sandbox plugin process yet (maybe Q1)

Actions

• Tim to schedule sec review [update: Asked about this in IRC, will file bugs]
• Bob to coordinate generating Q4 goals
• cpeterson to add notes about warn-only sandbox to e10s notes for add-on developers